It is becoming increasing more difficult to spot malicious emails, however by training your staff on what to look for you can reduce the chances of becoming a victim. Security awareness training is not a one off – lunch and learn series – but rather a continuous training method. The training should focus on not just how to spot phishing email, but also texts, as well as safe browsing.

You can run a quick check to see how many would be susceptible to a phishing email by performing a free phish test, in addition you can perform a domain spoof test to see if threat actors can spoof an email within your domain.